SebastianStork/nixos-config
1
0
Fork 0
mirror of https://github.com/SebastianStork/nixos-config.git synced 2026-01-21 14:01:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

tailscale: Add restart triggers

Browse source
This commit is contained in:
SebastianStork 2025-09-17 22:34:47 +02:00
parent 7edd02884e
commit 4f0fea5461
10 changed files with 32 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

5
modules/system/services/caddy.nix
View file

@ -101,7 +101,10 @@ in
} }
(lib.mkIf tailscaleHostsExist { (lib.mkIf tailscaleHostsExist {
sops.secrets."tailscale/service-auth-key".owner = config.services.caddy.user; sops.secrets."tailscale/service-auth-key" = {
owner = config.services.caddy.user;
restartUnits = [ "caddy.service" ];
};
services.caddy = { services.caddy = {
package = caddyWithTailscale; package = caddyWithTailscale;

5
modules/system/services/crowdsec/default.nix
View file

@ -36,7 +36,10 @@ in
cfg.prometheusPort cfg.prometheusPort
]; ];
sops.secrets."crowdsec/enrollment-key".owner = user; sops.secrets."crowdsec/enrollment-key" = {
owner = user;
restartUnits = [ "crowdsec.service" ];
};
users.groups.caddy.members = lib.mkIf cfg.sources.caddy [ user ]; users.groups.caddy.members = lib.mkIf cfg.sources.caddy [ user ];

5
modules/system/services/forgejo/default.nix
View file

@ -27,7 +27,10 @@ in
ports.tcp.list = [ cfg.port ]; ports.tcp.list = [ cfg.port ];
}; };
sops.secrets."forgejo/admin-password".owner = config.users.users.git.name; sops.secrets."forgejo/admin-password" = {
owner = config.users.users.git.name;
restartUnits = [ "forgejo.service" ];
};
users = { users = {
users.git = { users.git = {

7
modules/system/services/gatus.nix
View file

@ -76,9 +76,10 @@ in
sops = { sops = {
secrets."healthchecks/ping-key" = { }; secrets."healthchecks/ping-key" = { };
templates."gatus.env".content = '' templates."gatus.env" = {
HEALTHCHECKS_PING_KEY=${config.sops.placeholder."healthchecks/ping-key"} content = "HEALTHCHECKS_PING_KEY=${config.sops.placeholder."healthchecks/ping-key"}";
''; restartUnits = [ "gatus.service" ];
};
}; };
custom.services.gatus.endpoints = custom.services.gatus.endpoints =

5
modules/system/services/grafana.nix
View file

@ -21,7 +21,10 @@ in
ports.tcp.list = [ cfg.port ]; ports.tcp.list = [ cfg.port ];
}; };
sops.secrets."grafana/admin-password".owner = config.users.users.grafana.name; sops.secrets."grafana/admin-password" = {
owner = config.users.users.grafana.name;
restartUnits = [ "grafana.service" ];
};
services.grafana = { services.grafana = {
enable = true; enable = true;

1
modules/system/services/hedgedoc.nix
View file

@ -32,6 +32,7 @@ in
templates."hedgedoc/environment" = { templates."hedgedoc/environment" = {
owner = config.users.users.hedgedoc.name; owner = config.users.users.hedgedoc.name;
content = "GITLAB_CLIENTSECRET=${config.sops.placeholder."hedgedoc/gitlab-auth-secret"}"; content = "GITLAB_CLIENTSECRET=${config.sops.placeholder."hedgedoc/gitlab-auth-secret"}";
restartUnits = [ "hedgedoc.service" ];
}; };
}; };

1
modules/system/services/radicale.nix
View file

@ -33,6 +33,7 @@ in
templates."radicale/htpasswd" = { templates."radicale/htpasswd" = {
owner = config.users.users.radicale.name; owner = config.users.users.radicale.name;
content = "seb:${config.sops.placeholder."radicale/admin-password"}"; content = "seb:${config.sops.placeholder."radicale/admin-password"}";
restartUnits = [ "radicale.service" ];
}; };
}; };

10
modules/system/services/syncthing.nix
View file

@ -59,8 +59,14 @@ in
}; };
sops.secrets = lib.mkIf useStaticTls { sops.secrets = lib.mkIf useStaticTls {
"syncthing/cert".owner = config.services.syncthing.user; "syncthing/cert" = {
"syncthing/key".owner = config.services.syncthing.user; owner = config.services.syncthing.user;
restartUnits = [ "syncthing.service" ];
};
"syncthing/key" = {
owner = config.services.syncthing.user;
restartUnits = [ "syncthing.service" ];
};
}; };
services.syncthing = { services.syncthing = {

2
modules/system/services/tailscale.nix
View file

@ -18,7 +18,7 @@ in
config.services.tailscale.port config.services.tailscale.port
]; ];
sops.secrets."tailscale/auth-key" = { }; sops.secrets."tailscale/auth-key".restartUnits = [ "tailscaled.service" ];
services.tailscale = { services.tailscale = {
enable = true; enable = true;

2
modules/system/services/wlan.nix
View file

@ -31,7 +31,7 @@ in
cfg.networks cfg.networks
|> lib.map (name: { |> lib.map (name: {
name = "iwd/${name}"; name = "iwd/${name}";
value = { }; value.restartUnits = [ "iwd.service" ];
}) })
|> lib.listToAttrs; |> lib.listToAttrs;